[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A couple of questions and concerns about Emacs network security

From: Lars Ingebrigtsen
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Sat, 23 Jun 2018 01:21:38 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Paul Eggert <address@hidden> writes:

> On 06/22/2018 03:00 PM, Jimmy Yuen Ho Wong wrote:
>> 1. Can we update the default network security settings?
> Yes, I would think so, in the master branch. As you say, the current
> defaults are inappropriate for today's users.

They are?  In what way?

>> there's this thing call `nsm.el` seemingly doing redundant checks if
>> your TLS settings are reasonable, what's the history of it and why is
>> it not obsolete when `tls.el` and `starttls.el` are?
> Lars is the person to ask about that. I'll CC: him.

They are not redundant checks.  Emacs lets network actions happen, and
then passes the result to nsm.el, which is very similar to how all other
applications do this stuff (Firefox etc).

The Emacs Network Security Manager does the user interface job handling
various classes of (insecure) network access classes.  Are there places
where it fails to do its job?

You'd set `gnutls-verify-error' and friends only if you don't want to
query the user for how to handle TLS-related problems, but fail
immediately.  But that's not a good default for an interactive

(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]